Encryption/decryption appararus
Fujisaki; Koichi ; et al.
Patent Application Summary
U.S. patent application number 11/511401 was filed with the patent office on 2007-03-29 for encryption/decryption appararus. This patent application is currently assigned to KABUSHIKI KAISHA TOSHIBA. Invention is credited to Koichi Fujisaki, Atsushi Shimbo, Hideo Shimizu.
| Application Number | 20070071235 11/511401 |
| Document ID | / |
| Family ID | 37893975 |
| Filed Date | 2007-03-29 |
| United States Patent Application | 20070071235 |
| Kind Code | A1 |
| Fujisaki; Koichi ; et al. | March 29, 2007 |
Encryption/decryption appararus
Abstract
A first Exclusive OR circuit operates an Exclusive OR between input data and a predetermined random number. An operation circuit performs one operation of encryption and decryption of output data from the first Exclusive OR circuit. A data register circuit, which has a plurality of data hold units, holds data from the operation circuit in one data hold unit of the plurality of data hold units in response to a selection signal, and supplies the data from the one data hold unit to the operation circuit. A second Exclusive OR circuit performs an Exclusive OR between output data from the data register circuit and the random number. The operation circuit recursively performs the one operation of the data from the data register circuit and outputs next data to the data register circuit.
| Inventors: | Fujisaki; Koichi; (Kanagawa-ken, JP) ; Shimizu; Hideo; (Kanagawa-ken, JP) ; Shimbo; Atsushi; (Tokyo, JP) |
| Correspondence Address: |
FINNEGAN, HENDERSON, FARABOW, GARRETT & DUNNER;LLP
901 NEW YORK AVENUE, NW
WASHINGTON
DC
20001-4413
US
|
| Assignee: | KABUSHIKI KAISHA TOSHIBA |
| Family ID: | 37893975 |
| Appl. No.: | 11/511401 |
| Filed: | August 29, 2006 |
| Current U.S. Class: | 380/28 |
| Current CPC Class: | H04L 9/003 20130101; H04L 2209/046 20130101; H04L 2209/12 20130101; H04L 2209/08 20130101 |
| Class at Publication: | 380/028 |
| International Class: | H04L 9/28 20060101 H04L009/28 |
Foreign Application Data
| Date | Code | Application Number |
|---|---|---|
| Sep 29, 2005 | JP | P2005-285596 |
Claims
1. An encryption/decryption apparatus comprising: a random number supply unit configured to supply a random number; a first Exclusive OR circuit configured to perform an Exclusive OR between input data and the random number; an operation circuit configured to perform one operation of encryption and decryption of output data from the first Exclusive OR circuit; a data register circuit having a plurality of data hold units, configured to hold data from the operation circuit in one data hold unit of the plurality of data hold units in response to a selection signal, and to supply the data from the one data hold unit to the operation circuit; and a second Exclusive OR circuit configured to perform an Exclusive OR between output data from the data register circuit and the random number; wherein the operation circuit recursively performs the one operation of the data from the data register circuit and outputs next data to the data register circuit.
2. The encryption/decryption apparatus according to claim 1, wherein the plurality of data hold units is two data hold units.
3. The encryption/decryption apparatus according to claim 1, wherein the plurality of data hold units is equal to or more than three data hold units.
4. The encryption/decryption apparatus according to claim 1, wherein the random number supply unit includes a random number generator configured to repeatedly generate a random number of which length is shorter than the input data, and a random number hold unit configured to connect a plurality of random numbers from the random number generator and to fixedly hold the random number of which length is equal to the input data.
5. The encryption/decryption apparatus according to claim 1, wherein the operation circuit executes operation processing of the output data from the first Exclusive OR circuit at the first operation time, and executes the operation processing of previous operated data from the second operation time.
6. The encryption/decryption apparatus according to claim 5, wherein the random number supply unit fixedly supplies the random number before the first operation time.
7. The encryption/decryption apparatus according to claim 1, wherein the first Exclusive OR circuit is included in the operation circuit.
8. The encryption/decryption apparatus according to claim 1, further comprising: a selection signal generation unit configured to repeatedly generate the selection signal in synchronization with input timing of the data from the operation circuit to the register circuit.
9. The encryption/decryption apparatus according to claim 8, wherein the data register circuit holds the data in one data hold unit selected by the selection signal whenever the data is input from the operation circuit.
10. The encryption/decryption apparatus according to claim 9, wherein the data register circuit recursively supplies the data from the one data hold unit to the operation circuit at each operation time while an operation completion signal from the operation circuit is not received.
11. The encryption/decryption apparatus according to claim 10, wherein the data register circuit outputs the data from the one data hold unit to the second Exclusive OR circuit in response to the operation completion signal.
12. The encryption/decryption apparatus according to claim 11, wherein the second Exclusive OR circuit outputs an operation result of Exclusive OR between the data and the random number to the outside.
13. The encryption/decryption apparatus according to claim 1, wherein, if the input text data is plain text data, the operation circuit operates encryption of the plain text data and outputs cipher text data as an encryption result.
14. The encryption/decryption apparatus according to claim 1, wherein, if the input text data is cipher text data, the operation circuit operates decryption of the cipher text data and outputs plain text data as a decryption result.
15. The encryption/decryption apparatus according to claim 1, wherein the selection signal does not continually indicate the same data hold unit in the plurality of data hold units.
16. The encryption/decryption apparatus according to claim 1, wherein the data register circuit resets contents of another data hold unit not selected by the selection signal in the plurality of data hold units.
17. The encryption/decryption apparatus according to claim 1, wherein the data register circuit reverses contents of another data hold unit not selected by the selection signal in the plurality of data hold units.
18. The encryption/decryption apparatus according to claim 1, wherein the data register circuit rewrites contents of another data hold unit not selected by the selection signal with predetermined binary data or a random number.
19. An encryption/decryption apparatus comprising: an operation circuit configured to perform one operation of encryption and decryption of input data; a data register circuit having a plurality of data hold units, configured to hold data from the operation circuit in one data hold unit of the plurality of data hold units in response to a selection signal, and to supply the data from the one data hold unit to the operation circuit; wherein the operation circuit recursively performs the one operation of the data from the data register circuit and outputs next data to the data register circuit.
20. The encryption/decryption apparatus according to claim 19, further comprising: a first Exclusive OR circuit configured to perform an Exclusive OR between the input data and a predetermined random number; and a second Exclusive OR circuit configured to perform an Exclusive OR between output data from the data register circuit and the predetermined random number.
Description
CROSS-REFERENCE TO RELATED APPLICATIONS
[0001] This application is based upon and claims the benefit of priority from prior Japanese Patent Application No.2005-285596, filed on Sep. 29, 2005; the entire contents of which are incorporated herein by reference.
FIELD OF THE INVENTION
[0002] The present invention relates to an apparatus for encrypting/decrypting data by repeatedly executing the same operation processing.
BACKGROUND OF THE INVENTION
[0003] In general, in a block cipher algorithm such as the DES method determined by FIPS46-3 (FIPS: Federal Information Processing Standard), data is encrypted/decrypted by repeating a predetermined operation processing a predetermined number of times. Concretely, whenever the operation processing is executed, an operation result is temporarily stored in a memory means (Ex. Register). The next operation processing is executed using the current operation result, and the next operation result is overwritten in the memory means. Briefly, encryption/decryption is executed while updating the operation processing stored in the memory means.
[0004] Aim at data change in the memory means is explained. Hamming distance is represented as a difference between two operation results continued on a time axis. If there is correlation between Hamming distance and power consumption, then an attacker reveals secret information in an encryption/decryption apparatus. And one method for estimating secret information in the encryption/decryption apparatus is the DPA (Differential Power Analysis), which using analysis data for transition of change of power consumption and data.
[0005] By using the DPA, if a change of the power consumption of a circuit (having encryption function) or a processor (executing encryption operation) relates to secret data during operation, the secret data can be disclosed. The DPA is an attack without a destroy package. By watching an outside of a chip (or a device), it is not decided whether key information is extracted with the attack or not, and it is feared that damage by unauthorized use expands. Accordingly, in the circuit for encryption, protection against a DPA attack is necessary.
[0006] One of a countermeasure for the DPA is the data mask method for hiding any correlation between the power consumption and the operation data from an attacker. For example, the data mask method is disclosed in "An implementation of DES and AES, secure against some attacks", Proceedings of CHES 2001, LNCS 2162, pp. 309-318, 2001.
[0007] In the data mask method, a random number is used as data for masking. By performing Exclusive OR between data for operation and data for masking, the data for operation is masked. Briefly, by masking data with the random number during operation, the attacker cannot correctly estimate the data on operation. As a result, secret information in the encryption module cannot be disclosed.
[0008] In case of executing the DPA protection by the data mask method, it is desired that a random number of necessary quantity is always obtained. However, if constraint of the power consumption and a circuit scale is strict such as an IC card, output data width of a random number generation circuit need be miniaturized.
[0009] In this case, in order to obtain the random number for masking from the random number generation circuit, several clocks are necessary. Furthermore, by relationship between an output data width of the random number generation circuit and a data width for masking, operation processing often waits several clock periods. Briefly, during processing of encryption/decryption, wait time for generation of random number occurs at each operation.
[0010] Accordingly, in each timing of encryption/decryption, operation data is masked with the same random number by Exclusive OR. Hereinafter, "masking" means Exclusive OR between data for masking and data for operation.
[0011] In case of writing two continuous masked data (Masked Data A and Masked Data B) into the memory means, Hamming distance of data is explained. As for the Masked Data a firstly written into the memory means, Data A being on operation is masked by data ("RN") for masking. As for the Masked Data B secondly written into the memory means, Data B being on operation is masked by data ("RN") for masking.
[0012] The Hamming distance of data in the memory means is the same as the operation result of Exclusive OR of two written data. Accordingly, the Hamming distance is represented as follows. The .times. .times. Hamming .times. .times. distance .times. .times. .times. of .times. .times. data = Masked .times. .times. Data .times. .times. A .times. Masked .times. .times. Data .times. .times. B = ( Data .times. .times. A .times. RN ) .times. ( Data .times. .times. B .times. RN ) = Data .times. .times. A .times. Data .times. .times. B .times. RN .times. RN = Data .times. .times. A .times. Data .times. .times. B ##EQU1##
[0013] In this way, data for masking ("RN") is eliminated. This corresponds to the change quantity of two continuous data in the memory means. Therefore if an attacker can correctly estimate the change quantity (Hamming distance) in the memory means, secret information can be disclosed and safety cannot be guaranteed. (Analysis model aiming at Hamming distance of two continuous data is called a state transition model.)
SUMMARY OF THE INVENTION
[0014] The present invention is directed to an encryption/decryption apparatus with enhanced security against a DPA attack while suppressing increase of a number of transistors in circuit.
[0015] According to an aspect of the present invention, there is provided an encryption/decryption apparatus comprising: a random number supply unit configured to supply a random number; a first Exclusive OR circuit configured to perform an Exclusive OR between input data and the random number; an operation circuit configured to perform one operation of encryption and decryption of output data from the first Exclusive OR circuit; a data register circuit having a plurality of data hold units, configured to hold data from the operation circuit in one data hold unit of the plurality of data hold units in response to a selection signal, and to supply the data from the one data hold unit to the operation circuit; and a second Exclusive OR circuit configured to perform an Exclusive OR between output data from the data register circuit and the random number; wherein the operation circuit recursively performs the one operation of the data from the data register circuit and outputs next data to the data register circuit.
[0016] According to another aspect of the present invention, there is also provided an encryption/decryption apparatus comprising: an operation circuit configured to perform one operation of encryption and decryption of input data; a data register circuit having a plurality of data hold units, configured to hold data from the operation circuit in one data hold unit of the plurality of data hold units in response to a selection signal, and to supply the data from the one data hold unit to the operation circuit; wherein the operation circuit recursively performs the one operation of the data from the data register circuit and outputs next data to the data register circuit.
BRIEF DESCRIPTION OF THE DRAWINGS
[0017] FIG. 1 is a block diagram of encryption/decryption apparatus according to one embodiment.
[0018] FIG. 2 is a block diagram of a random number supply unit 12 in FIG. 1.
[0019] FIG. 3 is a block diagram of a register circuit 14 in FIG. 1.
[0020] FIG. 4 is a schematic diagram of a table 40 storing a plurality of selection patterns.
[0021] FIG. 5 is a time chart among a selection signal of a selection signal generation unit 16 and masked data stored in data hold units 33-1 and 33-2.
[0022] FIG. 6 is a block diagram of one bit register circuit in which a plurality of logical circuits is combined.
[0023] FIG. 7 is another block diagram of the register circuit 14 in FIG. 1.
DETAILED DESCRIPTION OF THE EMBODIMENTS
[0024] Hereinafter, various embodiments of the present invention will be explained by referring to the drawings. The present invention is not limited to the following embodiments.
[0025] FIG. 1 is a block diagram of an encryption/decryption apparatus according to one embodiment. The encryption/decryption apparatus 10 may be any of an encryption apparatus for encrypting plain text data and generating cipher text data, a decryption apparatus for decrypting cipher text data and generating plain text data, and an encryption/decryption apparatus having both functions. Furthermore, the encryption/decryption apparatus 10 is based on an encryption/decryption algorithm for repeatedly executing the same operation processing.
[0026] In the encryption/decryption apparatus 10, plain text/cipher text data and key data each having a predetermined length are input, and cipher text/decipher (plain) text data of predetermined length is output. A data length of plain text/cipher text data and a data length of key data are determined by the encryption/decryption algorithm.
[0027] The encryption/decryption apparatus 10 includes an operation circuit 11, a random number supply unit 12, Exclusive OR circuits 13 and 15, a register circuit 14, and a selection signal generation unit 16.
[0028] The operation circuit 11 executes a predetermined operation (based on the encryption/decryption method) with input data, and outputs the operation result as output data. At start time of encryption/decryption, plain text/cipher text data from the outside is regarded as input data. At each time after the start time, output data (previous operation result) from the operation circuit 11 is regarded as input data. Furthermore, operation of the operation circuit 11 is affected by the key data.
[0029] The random number supply unit 12 constantly supplies the same random number in one processing period of encryption/decryption (a period from input time of plain text/cipher text data to output time of cipher text/plain text data).
[0030] FIG. 2 is a block diagram of one example of the random number supply unit 12. A random number generation unit 21 generates a random number. A length of the random number generated by the random number generation unit 21 per one time is shorter than a length of input data to input to the encryption/decryption apparatus 10. For example, the random number generation unit 21 generates a random number of eight bits per one time, and repeatedly generates the random number until a length of random numbers generated is equal to a length of the input data. The random number generation unit 21 which generates a random number of short lengths per one time can be realized with a small package scale.
[0031] A random number hold unit 22 can hold data having the same length as the plain text/cipher text data to be input to the encryption/decryption apparatus 10. Concretely, the random number hold unit 22 serially connects each random number generated from the random number generation unit 21 until a length of connected random numbers is equal to a length of the plain text/cipher text data, and constantly outputs the (connected) random number having the equal length.
[0032] In the random number supply unit 12, it takes time to prepare the random number to be supplied. However, the random number supply unit 12 can be miniaturized, which is useful for the IC card.
[0033] In FIG. 1, the Exclusive OR circuit 13 operates Exclusive OR between input data (plain text/cipher text data) and a random number from the random number supply unit 12. Briefly, the Exclusive OR circuit 13 masks input data to be supplied to the operation circuit 11. Hereinafter, output from the Exclusive OR circuit 13 is called masked data.
[0034] The register circuit 14 temporarily holds masked data operated from the operation circuit 11, and supplies the masked data as next input data to the operation circuit 11. Furthermore, the selection signal generation unit 16 generates a selection signal to the register circuit 14. Detail of the register circuit 14 and the selection signal generation unit 16 are explained afterwards.
[0035] The Exclusive OR circuit 15 operates Exclusive OR between masked data from the register circuit 14 and the random number from the random number supply unit 12 by each bit. The Exclusive OR has characteristic that some data returns to original data by executing the same Exclusive OR two times. For example, input data to the encryption/decryption apparatus 10 is masked with the random number (from the random number supply unit 12) by the Exclusive OR circuit 13, and masked data is input to the operation circuit 11. Operation result of the masked data from the operation circuit 11 is supplied to the Exclusive OR circuit 15 through the register circuit 14. Last, the Exclusive OR circuit 15 operates Exclusive OR between an operation result of masked data and the same random number (from the random number supply unit 12). As a result, the operation result of masked data returns to an operation result of original data. Briefly, masked data exists between the Exclusive OR circuit 13 and the Exclusive OR circuit 15. In this case, the random number supply unit 12 supplies the random number only when an operation completion signal is received from the operation circuit 11. Furthermore, a clock signal to synchronize with processing is supplied to the operation circuit 11 and the register circuit 14 (not shown in FIG. 1).
[0036] FIG. 3 is a block diagram of the register circuit 14. The register circuit 14 includes an input timing control unit 31, two data hold units 33-1 and 33-2, and a data selection unit 34. The data hold units 33-1 and 33-2 and the data selection unit 34 are connected to the selection signal generation unit 16. Furthermore, the clock signal is supplied to the input timing control unit 31 and the selection signal generation unit 16.
[0037] The selection signal generation unit 16 (located outside of the register circuit 14) outputs a selection signal indicating one of the data hold units 33-1 and 33-2 in synchronization with the clock signal.
[0038] As a method for generating the selection signal, for example, a table 40 storing a plurality of selection patterns (each binary line) is prepared as shown in FIG. 4. One selection pattern is selected from the table 40, and a selection signal corresponding to the binary of the one selection pattern is orderly generated in synchronization with the clock signal (For example, "0".fwdarw.the data hold unit 33-1, "1".fwdarw.the data hold unit 33-2). Furthermore, by preparing a random number generator of one bit, a selection signal corresponding to a random number "0/1" may be orderly generated in synchronization with the clock signal.
[0039] The input timing control unit 31 controls timing to supply masked data (from the operation circuit 11) to the data hold unit 33-1 or 33-2. This timing is based on the clock signal.
[0040] Based on the selection signal from the selection signal generation unit 16, masked data from the operation circuit 11 is written and held in one of the data hold units 33-1 and 33-2. Briefly, one of the data hold units 33-1 and 33-2 is updated, and the other of the data hold units 33-1 and 33-2 holds previous data. In this case, the selection signal is synchronized with the clock signal. Accordingly, timing to update the masked data is also synchronized with the clock signal.
[0041] FIG. 5 shows one example of a relationship among the selection signal of the selection signal generation unit 16, and contents held in the data hold units 33-1 and 33-2. In case of the selection signal "0", the data hold unit 33-1 is selected. In case of the selection signal "1", the data hold unit 33-2 is selected.
[0042] If the selection signal is "0" (representing the data hold unit 33-1) at timing T1, Masked Data 1 as an operation result from the operation circuit 11 is held in the data hold unit 33-1. On the other hand, the data hold unit 33-2 continually holds Masked Data 0. The Masked Data 0 is a previous operation result from the operation circuit 11.
[0043] Next, if the selection signal is "1" (representing the data hold unit 33-2) at timing T2, Masked Data 2 as next operation result from the operation circuit 11 is held in the data hold unit 33-2. On the other hand, the data hold unit 33-1 continually holds Masked Data 1 (already held at timing T1).
[0044] Next, if the selection signal is "1" (representing the data hold unit 33-2) at timing T3, Masked Data 3 as two next operation result from the operation circuit 11 is held in the data hold unit 33-2. On the other hand, the data hold unit 33-1 continually holds Masked Data 1 (already held at timing T1).
[0045] Next, if the selection signal is "0" (representing the data hold unit 33-1) at timing T4, Masked Data 4 as three next operation result from the operation circuit 11 is held in the data hold unit 33-1. On the other hand, the data hold unit 33-2 continually holds Masked Data 3 (already held at timing T3).
[0046] The above example shows a method for continually writing masked data to the same data hold unit. In this case, if a DPA attack is executed against the data hold unit in which masked data is continually written, mask is offset and difference between previous data and current data is found. As a result, secret information is known and security is not apparently maintained. However, if continuous writing of masked data does not occur sequentially, an attacker can not estimate the Hamming distance correctly. Accordingly, the method shown in FIG. 5 has stability against a DPA attack. Furthermore, if masked data is orderly written based on a selection pattern of the second binary line in FIG. 4, masked data is not continually written to the same data hold unit. Accordingly, this method has certainly stability against a DPA attack.
[0047] In the above example, as for the data hold unit not selected (masked data is not written), non-processing is executed. However, contents held in the data hold unit not selected may be reset. In this case, "reset" means that "0" or "1" is written to contents of the data hold unit. Furthermore, contents held in the data hold unit not selected may be reversed or replaced with predetermined binary values or a random number. As a result, masked data unnecessary for current operation but reflecting past operation does not remain, and the security of secret information increases.
[0048] In FIG. 3, based on the selection signal from the selection signal generation unit 16, the data selection unit 34 selects the latest operation result (of masked data) held in any of the data hold units 33-1 and 33-2, and outputs the latest operation result to the operation unit 11 (or the Exclusive OR circuit 15 at operation completion timing). In this case, the data selection unit 34 selects one data hold unit 33-1 or 33-2 based on the selection signal which was used to select the one data hold unit to write the latest operation result. Accordingly, the latest operation result of masked data can be read from the one data hold unit.
[0049] The latest operation result of masked data is recursively supplied to the operation circuit 11 as input data for the next operation. Furthermore, when the operation circuit 11 outputs an operation completion signal to the register circuit 14 (not shown in FIG. 3), the latest operation result of masked data is output to the Exclusive OR circuit 15. The Exclusive OR circuit 15 operates Exclusive OR between the latest operation result of masked data and the same random number (from the random number supply unit 12), and outputs cipher text/plain text data (final output) to the outside.
[0050] For example, as shown in FIG. 6, by aligning "n" units of one bit-register circuit in parallel (combined by logical elements), the register circuit 14 of "n" bits can be composed. In FIG. 6, two outputs of one bit register circuit are shown. In this case, one bit value actually output from any of the two outputs is used as the output value.
[0051] As mentioned-above, in the present embodiment, in case of encryption/decryption by repeating the same operation, each operation result of masked data is selectively written to any of two data hold units. Accordingly, the random number need not be changed at operation timing of the operation circuit 11. As a result, scale of the random number generation unit 21 can be miniaturized. In other words, if the random number generation unit is miniaturized only, stability for DPA attack lacks because the random number generation unit constantly generates the same random number. However, in the present embodiment, by preparing two data hold units, each operation result of masked data is selectively written into any of two data hold units. As a result, lacking of stability for DPA attack can be overcome.
[0052] Next, application example of the present embodiment is explained. In the above embodiment, the register circuit 14 prepares two data hold units. However, the register circuit 14 may prepare a plurality of data hold units equal to or more than three data hold units. FIG. 7 is one application example of the block diagram of the register circuit 14. As shown in FIG. 7, three data hold units 33-1, 33-2, and 33-3 are prepared. In comparison with FIG. 3, different point with the three data hold units is as follows.
[0053] (1) The selection signal is changed to select one of the three data hold units.
[0054] (2) The data selection unit 34' selects one of masked data stored in the three data hold units based on the selection signal.
[0055] As for point (1), in the table of FIG. 4, the selection signal is generated in correspondence with not one bit but two bits. As for point (2), any of three data hold units is selected by three values in four values represented by the two bits. In case of three data hold units, selection of one from three data hold units to write masked data is more complicated than two data hold units. Accordingly, stability against DPA attack increases.
[0056] In FIG. 1, the Exclusive OR circuit 13 is located outside of the operation circuit 11. However, the Exclusive OR circuit 13 may be included in the operation circuit 11. In this case, when plain text/cipher text data is input to the operation circuit 11, the plain text/cipher text data is firstly operated with the random number by Exclusive OR. Alternatively, after some preprocessing is executed to the plain text/cipher text data, the plain text/cipher text data may be operated with the random number by Exclusive OR.
[0057] Other embodiments of the invention will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. It is intended that the specification and examples be considered as exemplary only, with the true scope and spirit of the invention being indicated by the following claims.
* * * * *
uspto.report is an independent third-party trademark research tool that is not affiliated, endorsed, or sponsored by the United States Patent and Trademark Office (USPTO) or any other governmental organization. The information provided by uspto.report is based on publicly available data at the time of writing and is intended for informational purposes only.
While we strive to provide accurate and up-to-date information, we do not guarantee the accuracy, completeness, reliability, or suitability of the information displayed on this site. The use of this site is at your own risk. Any reliance you place on such information is therefore strictly at your own risk.
All official trademark data, including owner information, should be verified by visiting the official USPTO website at www.uspto.gov. This site is not intended to replace professional legal advice and should not be used as a substitute for consulting with a legal professional who is knowledgeable about trademark law.
| 